Identity-Aware Proxy (IAP) lets you manage access to applications
running in App Engine standard environment,
App Engine flexible environment, Compute Engine, and
GKE. IAP establishes a central
authorization layer for applications accessed by HTTPS, so you can adopt an
application-level access control model instead of using network-level
firewalls. When you turn on IAP, you must also use signed headers or the
App Engine standard environment Users API to secure your app.
Try IAP tutorials, training courses, and
Qwiklabs from Google Cloud.
Security in Google Cloud
In this training course, you will learn about a variety of Google Cloud security controls and techniques. You'll explore the components of Google Cloud and deploy a secure solution on the platform. You'll also learn how to mitigate attacks at several points in a Google Cloud-based infrastructure, including distributed denial-of-service attacks, phishing attacks, and threats involving content classification and use.